Mobile devices provide workers with access to advanced communications tools and an extensive range of applications designed to support and enhance working processes whilst on-the-go. However, with the
Advancements in mobile technology have opened up a wealth of opportunity for businesses.
Mobile devices provide workers with access to advanced communications tools and an extensive range of applications designed to support and enhance working processes whilst on-the-go.
However, with these enhanced abilities comes a corresponding challenge: How can organisations safely and effectively manage the security of the mobile devices on which company data lives?
Mobile devices are often the weakest link in an organisation’s IT security strategy. Whilst these devices are useful, they do, unfortunately, present additional security risks. Increased mobility naturally leads to greater risk of data theft and leaks, particularly if devices become lost or stolen.
Connection to public and home networks can also compromise mobile devices, which can then be used as a stepping stone to gain access to the company network. Whether these devices are personal or company-owned, it’s clear that some level of management is absolutely critical due to the sheer amount of data being accessed and saved on them.
Mobile device management (MDM) may seem like a daunting task, but it’s not something that should be overlooked if you want to ensure that your company network and data remains secure.
Planning is an essential prerequisite to an effective strategy for managing mobile devices within your organisation.
An effective mobile device strategy should be all-encompassing. Make sure that you incorporate all mobile devices including smartphones, tablets, laptops and USB devices. The latter is often overlooked, but it is one of the most commonly used, and frequently lost, mobile devices.
When USB devices are lost, employees often replace them without IT departments ever being made aware of the possible data leak. It’s a good idea to provide employees with encrypted USB devices.
When planning your strategy, consider how, when and where mobile devices are used within your organisation. Your approach to mobile management should match the way in which devices are actually used, or should be used, in your company.
An off-the-shelf approach might not be the most effective. For example, those working within different departments in your company are likely to have differing capability requirements and, as such, each capability should be restricted to those for whom it is necessary in order to fulfil their roles.
Consider how many devices are being used and what these are, how many users there are and which operating systems are being used. The greater number of different devices and operating systems there are, the more difficult it can be to manage them.
If you don’t have the budget to roll out company devices across your entire organisation, perhaps consider restricting the type of devices are that are permitted. You could, for example, specify that only either iOS or Android devices are allowed.
It’s advisable to utilise an MDM platform as this can help to simplify the management of mobile devices within your business. There are numerous MDM platforms available, so it’s a question of which is best suited to your organisation.
Free options are available, which may be okay for very small companies, but you should always consider whether a paid service would be more effective. When choosing your MDM platform, consider the following:
• Which operating systems are you supporting?
• Are you able to manage your mobile devices remotely?
• Are you able to create tailored company policies?
• Is a cloud-based service more suitable?
Clearly defined policies are an essential aspect of any effective IT security strategy and mobile devices should be incorporated if your approach is to be fully comprehensive. General policies covering acceptable use, passwords, remote access, encryption, identity, communications activities etc. should be extended to cover the use of mobile devices within your organisation.
Once you have defined the rules regarding the use of mobile devices within your organisation and created policies corresponding to these, the next important step is to educate your employees. Individuals can often be one of the weakest links in your security chain. Ignorance of risk can cause security vulnerabilities. Take the time to educate and train your employees on the particular risks associated with the use of mobile devices.
Whilst it’s important to have well-defined policies and effective MDM software, an exhaustive approach to mobile device management will require some degree of investment in IT.
If you don’t have the capabilities internally, within your IT department, to support the inevitable influx of mobile devices, you should consider outsourcing IT support to a specialist company. This option is ideal for small and medium sized businesses as it tends to work out much more cost-effective than hiring a full in-house IT team. It also provides access to a level of expertise and knowledge that is otherwise beyond the financial reach of many SMEs.
In conclusion, the increased use of mobile devices within organisations brings a number of benefits, but it also introduces a myriad of security concerns. The risks can, however, be mitigated with an effective mobile device management strategy that incorporates well-defined policies, MDM software and an investment in IT.
If you’re considering a major change to your IT strategy, such as company-wide implementation of mobile devices, but are unsure of how to manage such a project, we recommend consulting a specialist IT company.
Contact Grant McGregor today for expert advice and assistance.